Skip to main content
Tallo logoTallo logo
Apply for this opportunity

This job application is on an outside website. Be sure to review the job posting there to verify it's the same.

NIH - Cyber Program Analyst

Job

cFocus Software Incorporated

Remote

Full-Time

Posted 1 week ago (Updated 4 days ago) • Actively hiring

Expires 8/3/2026

Review key factors to help you decide if the role fits your goals.
Pay Growth
?
out of 5
Not enough data
Not enough info to score pay or growth
Job Security
?
out of 5
Not enough data
Calculating job security score...
Total Score
73
out of 100
Average of individual scores

Were these scores useful?

Skill Insights

Compare your current skills to what this opportunity needs—we'll show you what you already have and what could strengthen your application.

Job Description

cFocus Software seeks a Cyber Program Analyst to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust or the ability to obtain a public trust clearance.
Qualifications:
Public Trust Clearance B.S. Computer Science, Information Technology, or a related field 2+ years supporting federal cybersecurity programs, RMF, governance, compliance, or ISSO activities. Preferred certifications include Security+, CAP, CISSP, CISM, PMP, or equivalent. Knowledge of
NIST RMF, NIST SP 800-53
Rev.5, FISMA, FIPS, A&A, POA&M management, SSP development, cybersecurity reporting, risk management, executive communications, ServiceNow, Microsoft Office, and cybersecurity governance.
Duties:
Support day-to-day program management activities, schedules, milestones, action items, and project reporting. Develop weekly, monthly, quarterly, and ad hoc cybersecurity reports, executive dashboards, risk profiles, and program metrics. Coordinate Program Management Plans, Project Management Plans, Integrated Master Schedules, SOPs, and other contract deliverables. Support Front Door security operations by tracking requests, maintaining documentation, and coordinating issue resolution. Assist ISSOs and System Owners with Assessment and Authorization (A&A) activities throughout the RMF lifecycle. Develop and maintain RMF documentation including SSPs, Security Assessment Plans, Security Assessment Reports, POA&Ms, and authorization packages. Monitor
NIST SP 800-53
Rev. 5 security control implementation and continuous monitoring activities. Track Plans of Action & Milestones (POA&Ms), risk acceptance decisions, and remediation activities. Support Risk Management Strategy updates, common control libraries, and Cybersecurity Supply Chain Risk Management (C-SCRM) activities. Coordinate FISMA reporting, audit responses, corrective action plans, and cybersecurity compliance activities. Provide cybersecurity guidance to stakeholders regarding security requirements, documentation, and compliance obligations. Analyze cybersecurity metrics and identify trends, risks, and recommendations supporting executive decision making. Maintain program documentation and ensure compliance with
NIH, HHS, NIST
RMF, and federal cybersecurity policies.